Security and trust
How Docnizer protects your documents
Last updated: February 26, 2026
Infrastructure
AWS-backed architecture
Core services run on AWS with encrypted storage, managed database services, and standard key management.
Encryption
Current security posture
- Encryption in transit via HTTPS/TLS.
- Encryption at rest for stored document data.
- Authenticated API access and user-scoped document boundaries.
- Login security through email verification flows and Google Sign-In support.
Note: End-to-end encryption is a roadmap feature and will be announced only after full rollout.
Login and verification
Docnizer supports secure account access through email verification flows and Google Sign-In. Emails are used only for account actions such as verification, password reset, and security notices.
Abuse Prevention Controls
- OTP resend cooldown and request throttling are enforced.
- Per-user and IP/device-aware limits are applied to verification and reset flows.
- Automatic lockout after repeated failed OTP verification attempts.
- Account emails are limited to verification, reset, and security notices.
- Operational monitoring is maintained for email delivery health.
Architecture snapshot
Infrastructure overview of Docnizer deployment and data flow.
Compliance posture
Docnizer follows privacy-first principles such as data minimization, limited access, purpose-based processing, and user-driven deletion controls.
Formal certifications or legal compliance claims are published separately once completed.